package com.example.emos.wx.config.xss;


import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;

/**
 * servlet过滤器--XssFilter shiro过滤器--OAuth2Filter AOP拦截器--TokenAspect
 * 执行顺序为   XssFilter-->OAuth2Filter-->Controller-->TokenAspect
 * 因为spring项目会最先执行标准的servlet过滤器XssFilter，之后进入springmvc框架后再执行OAuth2Filter
 */
@WebFilter(urlPatterns = "/*") // 拦截所有请求
public class XssFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void destroy() {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        XssHttpServletRequestWrapper xssRequest = new XssHttpServletRequestWrapper((HttpServletRequest) servletRequest);
        filterChain.doFilter(xssRequest, servletResponse);
    }
}
